600 matches found

Snyk
added 2021/07/29 6:53 a.m. | 0 views

Malicious Package

Overview: firebase-extensions is a malicious package. It uses a preinstall script to steal environment variables. Remediation: Avoid using all malicious instances of the firebase-extensions package. Credit: Snyk Research...

CVSS 9.8 | AI score 6.8
Exploits 0 | References 2
OSV
added 2021/07/13 12:1 p.m. | 1 views

USN-5006-2 php5, php7.0 vulnerabilities

USN-5006-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to...

CVSS 7.5 | AI score 6.8 | EPSS 0.07003
Exploits 4 | References 6
OSV
added 2021/07/07 12:11 p.m. | 2 views

USN-5006-1 php7.2, php7.4 vulnerabilities

It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-7068 It wa...

CVSS 7.5 | AI score 6.8 | EPSS 0.07003
Exploits 4 | References 6
Tenable Nessus
added 2021/07/07 12:0 a.m. | 58 views

PHP 7.3.x < 7.3.29 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 7.3.x prior to 7.3.29, 7.4.x prior to 7.4.21, or 8.x prior to 8.0.8. It is, therefore, affected by multiple vulnerabilities: - Server-Side Request Forgery (SSRF) bypass in FILTER_VALIDATE_URL...

CVSS 5.9 | AI score 6.3 | EPSS 0.00294
Exploits 2 | References 3
Tenable Nessus
added 2021/07/07 12:0 a.m. | 187 views

PHP 7.4.x < 7.4.21 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 7.3.x prior to 7.3.29, 7.4.x prior to 7.4.21, or 8.x prior to 8.0.8. It is, therefore, affected by multiple vulnerabilities: - Server-Side Request Forgery (SSRF) bypass in FILTER_VALIDATE_URL...

CVSS 5.9 | AI score 6.3 | EPSS 0.00294
Exploits 2 | References 3
Veracode
added 2021/07/03 7:11 a.m. | 24 views

Denial Of Service

php7 is vulnerable to denial of service. The vulnerability exists due to the system allowing a malicious firebase server or man-in-the-middle attacker to crash PHP...

CVSS 5.9 | AI score 3.3 | EPSS 0.0015
Exploits 1 | References 7 | Affected Software 7
Malwarebytes
added 2021/05/28 2:24 p.m. | 211 views

SolarWinds attackers launch new campaign

Nobelium is a synthetic chemical element with the symbol No and atomic number 102. It is named in honor of Alfred Nobel. But it is also the name given to the threat actor that is behind the attacks against SolarWinds, the Sunburst backdoor, TEARDROP malware, GoldMax malware, other related...

CVSS 4.3 | AI score 0.4 | EPSS 0.00809
Exploits 0
Node.js
added 2021/05/18 1:58 a.m. | 26 views

Uncontrolled Resource Consumption

Overview: This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program. Recommendation: Upgrade to version 0.3....

CVSS 5 | AI score 4.4 | EPSS 0.00169
Exploits 1 | Affected Software 1
vulnersOsv
added 2021/05/18 1:57 a.m. | 2 views

2bsafe-api (>=1.0.1 <=1.0.2), 3architecture (>=1.0.0 <=1.7.0) +2321 more potentially affected by CVE-2020-7765 via @firebase/util (>=0.1.10-canary.a1020bf <=0.3.4-2020103231751)

@firebase/util NPM version =0.1.10-canary.a1020bf, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.1, =1.0.24, =0.65.0, =0.53.0, =0.50.0, =1.0.1, =0.0.2, =0.0.1, =0.1.0 and more Source cves: CVE-2020-7765 Source advisory: OSV:GHSA-FPM5-VV97-JFWG...

CVSS 5.6 | AI score 6 | EPSS 0.00169
Exploits 1
OSV
added 2021/05/18 1:57 a.m. | 18 views

GHSA-FPM5-VV97-JFWG Uncontrolled Resource Consumption in firebase

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

CVSS 5.3 | AI score 5.2 | EPSS 0.00169
Exploits 1 | References 4
Github Security Blog
added 2021/05/18 1:57 a.m. | 99 views

Uncontrolled Resource Consumption in firebase

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

CVSS 5.6 | AI score 5.4 | EPSS 0.00169
Exploits 1 | References 5 | Affected Software 1
Kitploit
added 2021/05/11 12:30 p.m. | 69 views

Baserunner - A Tool For Exploring Firebase Datastores

A tool for exploring and exploiting Firebase datastores. Set up 1. git clone https://github.com/iosiro/baserunner.git 2. cd baserunner 3. npm install 4. npm run build 5. npm start 6. Go to http://localhost:3000 in your browser. Usage The Baserunner interface looks like this: First, use the...

AI score 7.4
Exploits 0 | References 1
vulnersOsv
added 2021/05/06 5:29 p.m. | 2 views

app-context-connie (>=0.0.1 <=1.1.0), app-context-connie-firebase (>=0.0.1 <=0.0.3) +1 more potentially affected by CVE-2020-7706 via connie-lang (>=0.0.1 <=0.1.0)

connie-lang NPM version =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.2.1 Source cves: CVE-2020-7706 Source advisory: OSV:GHSA-8VV3-JXM8-F4VF...

CVSS 9.8 | AI score 7.2 | EPSS 0.01718
Exploits 1
Hacker One
added 2021/04/16 6:46 p.m. | 19 views

Stripo Inc: Bypassing Content-Security-Policy leads to open-redirect and iframe xss

Summary: https://my.stripo.email/cabinet//template-editor/..... has the ff: code to make iframes more secure: html pointing to other domains won't work but, the whitelist in frame-src data has listed .firebaseapp.com, a free hosting domain, leading to iframe abuse and redirects Steps To Reproduce...

AI score 0.2
Exploits 0
Malwarebytes
added 2021/04/01 7:47 p.m. | 265 views

Android “System Update” malware steals photos, videos, GPS location

A newly discovered piece of Android malware shares the same capabilities found within many modern stalkerware-type apps—it can swipe images and video, rifle through online searches, record phone calls and video, and peer into GPS location data—but the infrastructure behind the malware obscures it...

Exploits 0
The Hacker News
added 2021/03/27 9:14 a.m. | 81 views

Watch Out! That Android System Update May Contain A Powerful Spyware

Researchers have discovered a new information-stealing trojan, which targets Android devices with an onslaught of data-exfiltration capabilities — from collecting browser searches to recording audio and phone calls. While malware on Android has previously taken the guise of copycat apps, which go...

AI score 0.1
Exploits 0
The Hacker News
added 2021/03/27 9:14 a.m. | 2 views

Watch Out! That Android System Update May Contain A Powerful Spyware

Researchers have discovered a new information-stealing trojan, which targets Android devices with an onslaught of data-exfiltration capabilities — from collecting browser searches to recording audio and phone calls. While malware on Android has previously taken the guise of copycat apps, which go...

AI score 5.9
Exploits 0
The Hacker News
added 2021/03/09 11:13 a.m. | 114 views

9 Android Apps On Google Play Caught Distributing AlienBot Banker and MRAT Malware

Cybersecurity researchers have discovered a new malware dropper contained in as many as 9 Android apps distributed via Google Play Store that deploys a second stage malware capable of gaining intrusive access to the financial accounts of victims as well as full control of their devices. "This...

AI score 8.4
Exploits 0
ThreatPost
added 2021/02/23 2:0 p.m. | 161 views

10K Microsoft Email Users Hit in FedEx Phishing Attack

Researchers are warning of recent phishing attacks targeting at least 10,000 Microsoft email users, pretending to be from popular mail couriers – including FedEx and DHL Express. Both scams have targeted Microsoft email users and aim to swipe their work email account credentials...

AI score 6.8
Exploits 0 | References 9
ThreatPost
added 2021/02/04 3:58 p.m. | 51 views

Microsoft Office 365 Attacks Sparked from Google Firebase

A phishing campaign bent on stealing Microsoft login credentials is using Google Firebase to bypass email security measures in Microsoft Office 365, researchers said. Researchers at Armorblox uncovered invoice-themed emails sent to at least 20,000 mailboxes that purport to share information about...

AI score 7
Exploits 0 | References 6